Commit Graph

148388 Commits

Author SHA1 Message Date
Brooks Davis
838d985825 Rework the credential code to support larger values of NGROUPS and
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively.  (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)

The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer.  Do the equivalent in
kinfo_proc.

Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively.  Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary.  In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.

Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups.  When feasible, truncate
the group list rather than generating an error.

Minor changes:
  - Reduce the number of hand rolled versions of groupmember().
  - Do not assign to both cr_gid and cr_groups[0].
  - Modify ipfw to cache ucreds instead of part of their contents since
    they are immutable once referenced by more than one entity.

Submitted by:	Isilon Systems (initial implementation)
X-MFC after:	never
PR:		bin/113398 kern/133867
2009-06-19 17:10:35 +00:00
Brian Somers
f345b422d1 When running pkg_add -r, check & install our dependencies for each
package rather than expecting our top level package to get all of
the dependencies correct.

Previously, the code depended on the top level package having all
of the pkgdep lines in +CONTENTS correct and in the right order,
but that doesn't always happen due to code such as this (in
security/gnutls/Makefile):

    .if (defined(WITH_LZO) || exists(${LOCALBASE}/lib/liblzo2.so)) && !defined(WITHOUT_LZO)
    LIB_DEPENDS+=           lzo2:${PORTSDIR}/archivers/lzo2
    ....

With such conditional dependencies, my 'sophox-packages' package won't
install.  The dependency tree looks like this:

    sophox-packages
      ...
      x11/gnome2
        x11/gnome-applets
          net/libgweather
            devel/libsoup
              security/gnutls
                security/libgcrypt
                  security/libgpg-error
      ...
      x11/gnome2
        archivers/file-roller
          archivers/gtar
            archivers/lzop
              archivers/lzo2
      ...

gnutls doesn't depend on lzo2 initially, but lzo2 is dragged into the
mix via other dependencies and is built by the initial 'make'.  The
subsequent package generation for gnutls adds a pkgdep line for lzo2
to gnutls' +CONTENTS but the pkgdeps in sophox-packages' +CONTENTS
has gnutls *before* lzo2.

As a result, sophox-packages cannot install; gnutls fails because lzo2
is missing, 82 more packages fail because gnutls is missing and the
whole thing spirals into a super-confusing mess!

MFC after:	3 weeks
2009-06-19 17:07:38 +00:00
Brooks Davis
54404cfb13 In preparation for raising NGROUPS and NGROUPS_MAX, change base
system callers of getgroups(), getgrouplist(), and setgroups() to
allocate buffers dynamically.  Specifically, allocate a buffer of size
sysconf(_SC_NGROUPS_MAX)+1 (+2 in a few cases to allow for overflow).

This (or similar gymnastics) is required for the code to actually follow
the POSIX.1-2008 specification where {NGROUPS_MAX} may differ at runtime
and where getgroups may return {NGROUPS_MAX}+1 results on systems like
FreeBSD which include the primary group.

In id(1), don't pointlessly add the primary group to the list of all
groups, it is always the first result from getgroups().  In principle
the old code was more portable, but this was only done in one of the two
places where getgroups() was called to the overall effect was pointless.

Document the actual POSIX requirements in the getgroups(2) and
setgroups(2) manpages.  We do not yet support a dynamic NGROUPS, but we
may in the future.

MFC after:	2 weeks
2009-06-19 15:58:24 +00:00
Brooks Davis
68cc62cec1 When checking if we can write to a file, use access() instead of a
manual permission check based on stat output.  Also, get rid of the
executability check since it is not used.

MFC after:	2 weeks
2009-06-19 15:52:35 +00:00
Edwin Groothuis
59d5849208 MFV of r194480
- Official start of Bangladesh DST.
2009-06-19 11:52:07 +00:00
Edwin Groothuis
1f0cbeddf1 Vendor import of tzdata2009j
- Official start of Bangladesh DST start.

Obtained from:	ftp://elsie.nci.nih.gov/pub/
2009-06-19 11:23:10 +00:00
Edwin Groothuis
2c4760a6f7 The "original" PR said that there were two issues with the motd
(Eyes of the daemon not synced and the motd not displayed properly
on black-on-white screens): The first one was not valid anymore
since the text and logo were swapped already, the second one is
fixed by resetting the whole colourscheme instead of only the
background colour.

(also removed svn:keywords from motd since it doesn't have the
 string $FreeBSD$ in it)

PR:		misc/15876
Submitted by:	peter.jeremy@ALCATEL.COM.AU
MFC after:	1 week
2009-06-19 07:18:45 +00:00
Rui Paulo
9d0a7bee3b ieee80211_dwds_mcast(): check the correct mbuf ptr after encap. 2009-06-18 21:15:41 +00:00
John Baldwin
afd9f91c63 Fix a deadlock in the getpeername() method for UNIX domain sockets.
Instead of locking the local unp followed by the remote unp, use the same
locking model as accept() and read lock the global link lock followed by
the remote unp while fetching the remote sockaddr.

Reported by:	Mel Flynn  mel.flynn of mailing.thruhere.net
Reviewed by:	rwatson
MFC after:	1 week
2009-06-18 20:56:22 +00:00
Andrew Thompson
f06a3a36ac Track the kernel mapping of a physical page by a new entry in vm_page
structure. When the page is shared, the kernel mapping becomes a special
type of managed page to force the cache off the page mappings. This is
needed to avoid stale entries on all ARM VIVT caches, and VIPT caches
with cache color issue.

Submitted by:	Mark Tinguely
Reviewed by:	alc
Tested by:	Grzegorz Bernacki, thompsa
2009-06-18 20:42:37 +00:00
Alan Cox
c45c00344f Utilize the new function kmem_alloc_contig() to implement the UMA back-end
allocator for the jumbo frames zones.  This change has two benefits: (1) a
custom back-end deallocator is no longer required.  UMA's standard
deallocator suffices. (2) It eliminates a potentially confusing artifact
of using contigmalloc(): The malloc(9) statistics contain bogus information
about the usage of jumbo frames.  Specifically, the malloc(9) statistics
report all jumbo frames in use whereas the UMA zone statistics report the
"truth" about the number in use vs. the number free.
2009-06-18 17:59:04 +00:00
Alexander Kabaev
e7733ffa39 Re-do r192913 in less intrusive way. Only do IP_RECVDSTADDR/IP_SENDSRCADDR
dace for UPDv4 sockets bound to INADDR_ANY. Move the code to set
IP_RECVDSTADDR/IP_SENDSRCADDR into svc_dg.c, so that both TLI and non-TLI
users will be using it.

Back out my previous commit to mountd. Turns out the problem was affecting
more than one binary so it needs to me addressed in generic rpc code in
libc in order to fix them all.

Reported by:	lstewart
Tested by:	lstewart
2009-06-18 17:10:43 +00:00
Hajimu UMEMOTO
46f39347f5 Since the width is always 2, it is enough to put just one
trailing space is enough.

MFC after:	1 week
2009-06-18 16:40:00 +00:00
Nick Hibma
b94b189aa5 - Don't hard code _.disk.full. Use the variable.
- _.bk should be created in MAKEOBJDIRPREFIX as well
- Remove a misplaced and unnecessary message.
2009-06-18 13:56:10 +00:00
Nick Hibma
6a1364c774 Reverse some stuff I accidentally committed in the previous commit:
- creation of sparse files to speed up the build process. This was
  discussed with phk 2 years ago and he disagreed with this change.
- handling of negative data partition sizes.

Can I have the ... green pointy hat, please?
2009-06-18 11:35:29 +00:00
Ivan Voras
63f4d880e0 Fix tabs, slightly improve comments.
Approved by:	gnn (mentor) (original)
Noticed by:	stas
2009-06-18 11:12:11 +00:00
Coleman Kane
d9cacbcf4f Replace use of ic->ic_flags with vap->iv_flags to operate on per-vap flags
for ndis 802.11 work.

Submitted by:	Paul B. Mahol <onemda@gmail.com>
2009-06-18 11:12:10 +00:00
Nick Hibma
95d876623e Allow building world into a separate dir (for reuse in multiple images):
- buildworld and buildkernel are built into MAKEOBJDIRPREFIX
- installworld and installkernel are performed on NANO_OBJ.

No change of functionality if MAKEOBJDIRPREFIX is not set. If it is sea,t
clean_world deletes NANO_OBJ instead of NANO_WORLDDIR. By starting nanobsd.sh
with the -b option the existing world can be reused to build a new world
reducing time and disk space considerably.

While there:
- Fix two cases where (in comments) MAKEOBJDIRPREFIX should have been
  NANO_DISKIMGDIR.
- Simplify an 'if (not wrong); then true; else action; fi' into
  'if wrong; then action; fi'. 'if ! false; then echo hello; fi' produces hello.

Note: Make sure you use NANO_OBJ were you use MAKEOBJDIRPREFIX now in your
nanobsd.conf files if you want to split out.
2009-06-18 10:39:08 +00:00
Alan Cox
aea6e893ed Add support for UMA_SLAB_KERNEL to page_free(). (While I'm here remove an
unnecessary newline character from the end of two panic messages.)
2009-06-18 07:27:11 +00:00
Alan Cox
57a7e73261 Fix some of the style errors in *getpages(). 2009-06-18 05:56:24 +00:00
Rick Macklem
76b30a0cd4 Add the SVC_RELEASE(xprt), as required by r194407.
Approved by:	kib (mentor)
2009-06-17 22:55:59 +00:00
Rick Macklem
6b97c9f09a Since svc_[dg|vc|tli|tp]_create() did not hold a reference count on the
SVCXPTR structure returned by them, it was possible for the structure
to be free'd before svc_reg() had been completed using the structure.
This patch acquires a reference count on the newly created structure
that is returned by svc_[dg|vc|tli|tp]_create(). It also
adds the appropriate SVC_RELEASE() calls to the callers, except the
experimental nfs subsystem. The latter will be committed separately.

Submitted by:	dfr
Tested by:	pho
Approved by:	kib (mentor)
2009-06-17 22:50:26 +00:00
Jilles Tjoelker
3055b7c6ff Properly flush input after an error in backquotes in interactive mode.
For parsing an old-style backquote substitution (`...`),
a string "file" is used to store the contents of the
substitution (with the special backslash processing done).
If an error occurs, the shell cleans up all these files
(returning to the top level) and flush the top level
file. Erroneously, it first flushed the current file and
then cleaned up all extra files, so that the top level
file (i.e. the terminal) was not flushed.

Example (in interactive mode):
  echo `for` echo This should not be printed

Also noticeable in (in interactive mode):
  echo `(`
The old version prints an extraneous prompt.

Approved by:	ed (mentor)
2009-06-17 21:58:32 +00:00
Alan Cox
f0553fdbc4 Eliminate unnecessary forward declarations. 2009-06-17 20:12:23 +00:00
John Baldwin
4b7b144f63 Regen. 2009-06-17 19:53:47 +00:00
John Baldwin
7228812fd2 Regen for added flags field. 2009-06-17 19:53:20 +00:00
John Baldwin
21def99b51 - Add the ability to mix multiple flags seperated by pipe ('|') characters
in the type field of system call tables.  Specifically, one can now use
  the 'NO*' types as flags in addition to the 'COMPAT*' types.  For example,
  to tag 'COMPAT*' system calls as living in a KLD via NOSTD.  The COMPAT*
  type is required to be listed first in this case.
- Add new functions 'type()' and 'flag()' to the embedded awk script in
  makesyscalls.sh that return true if a requested flag is found in the
  type field ($3).  The flag() function checks all of the flags in the
  field, but type() only checks the first flag.  type() is meant to be
  used in the top-level "switch" statement and flag() should be used
  otherwise.
- Retire the CPT_NOA type, it is now replaced with "COMPAT|NOARGS" using
  the flags approach.
- Tweak the comment descriptions of COMPAT[46] system calls so that they
  say "freebsd[46] foo" rather than "old foo".
- Document the COMPAT6 type.
- Sync comments in compat32 syscall table with the master table.
2009-06-17 19:50:38 +00:00
Sean Nicholas Barkas
fe1bd0a483 Keep dirhash tailq locked throughout the entirety of ufsdirhash_destroy() to fix
a potential race pointed out by pjd. Also use TAILQ_FOREACH_SAFE to iterate over
dirhashes in ufsdirhash_lowmem(), so that we can continue iterating even after a
dirhash is destroyed.

Suggested by:	pjd
Tested by:      pho
Approved by:	dwmalone (mentor)
2009-06-17 18:55:29 +00:00
John Baldwin
8ee45544b2 Retire the unused stub for the nfsclnt() system call. 2009-06-17 18:52:42 +00:00
John Baldwin
0ec0b41cf6 Remove the now-unused NOIMPL flag. It serves no useful purpose given the
existing UNIMPL and NOSTD types.
2009-06-17 18:46:14 +00:00
John Baldwin
f425839118 - NOSTD results in lkmressys being used instead of lkmssys.
- Mark nfsclnt as UNIMPL.  It should have been NOSTD instead of NOIMPL back
  when it lived in nfsclient.ko, but it was removed from that a long time
  ago.
2009-06-17 18:44:15 +00:00
Sam Leffler
d1a3f05d54 update usb config; the old stack is gone 2009-06-17 17:59:36 +00:00
Sam Leffler
7172b41850 enable npe-a now that it works 2009-06-17 17:58:18 +00:00
Sam Leffler
1f5c3c70bd Add workaround to get IXP435 NPE-A working: reseting NPE-A after NPE-C
causes both to become inoperative; this apparently was done by the original
IAL code as a workaround for IMEM parity errors which we've not seen so
just disable the reset.

Note this problem does not occur on IXP425 boards. The linux driver does
fuse-resets on each NPE but in the order NPE-A < NPE-B < NPE-C (when probing
for which NPE's are present/operational); we may want to switch to a similar
scheme but for now disable the resets until we see an issue.
2009-06-17 17:57:52 +00:00
Alan Cox
d78200e4e8 Refactor contigmalloc() into two functions: a simple front-end that deals
with the malloc tag and calls a new back-end, kmem_alloc_contig(), that
allocates the pages and maps them.

The motivations for this change are two-fold: (1) A cache mode parameter
will be added to kmem_alloc_contig().  In other words, kmem_alloc_contig()
will be extended to support the allocation of memory with caller-specified
caching. (2) The UMA allocation function that is used by the two jumbo
frames zones can use kmem_alloc_contig() in place of contigmalloc() and
thereby avoid having free jumbo frames held by the zone counted as live
malloc()ed memory.
2009-06-17 17:19:48 +00:00
Nathan Whitehorn
30a2bd2f78 Teach cpu_est_clockrate() about the G5's slightly different PMC. This
allows the boot messages to include the CPU speed and makes possible
the forthcoming cpufreq support for the PPC 970.
2009-06-17 16:34:40 +00:00
Bjoern A. Zeeb
ebd8672cc3 Add explicit includes for jail.h to the files that need them and
remove the "hidden" one from vimage.h.
2009-06-17 15:01:01 +00:00
Hajimu UMEMOTO
bd97a998dc Fix column width of weekday names for multibyte locales.
Noticed by:	nyan
Discussed with:	matusita, takawata
MFC after:	1 week
2009-06-17 14:47:06 +00:00
Jamie Gritton
baab20bd4e Use the right jail parameters for -v (cpuset has changed to cpuset.id).
Reported by:	netchild
Approved by:	bz (mentor)
2009-06-17 14:32:08 +00:00
Rick Macklem
81e3c4fc8e Fix handling of ".." in nfs_lookup() for the forced dismount case
by cribbing the change made to the regular nfs client in r194358.

Approved by:	kib (mentor)
2009-06-17 14:10:18 +00:00
Konstantin Belousov
b3c5643a25 For dotdot lookup in nfs_lookup, inline the vn_vget_ino() to prevent
operating on the unmounted mount point and freed mount data in case of
forced unmount performed while dvp is unlocked to nget the target vnode.

Add missed calls to m_freem(mrep) there on error exits [1].

Submitted by:	rmacklem [1]
Tested by:	pho
MFC after:	2 weeks
2009-06-17 12:47:27 +00:00
Bjoern A. Zeeb
7654a365db Add the explicit include of vimage.h to another five .c files still
missing it.

Remove the "hidden" kernel only include of vimage.h from ip_var.h added
with the very first Vimage commit r181803 to avoid further kernel poisoning.
2009-06-17 12:44:11 +00:00
Konstantin Belousov
f02c9d2858 Decrement state->ls_threads when vnode appeared to be doomed.
Reported and tested by:	pho
2009-06-17 12:43:04 +00:00
Randall Stewart
d50c1d79d0 Changes to the NR-Sack code so that:
1) All bit disappears
2) The two sets of gaps (nr and non-nr) are
   disjointed, you don't have gaps struck in
   both places.

This adjusts us to coorespond to the new draft. Still
to-do, cleanup the code so that there are only one set
of sack routines (original NR-Sack done by E cloned all
sack code).
2009-06-17 12:34:56 +00:00
Bjoern A. Zeeb
2aabdeb1f6 Add a .cvsignore file and along with that put an svn:ignore proprty
on the directory like we have for all other target architectures.

Discussed with:	imp (kind of)
2009-06-17 10:48:32 +00:00
Bjoern A. Zeeb
ed34ec5ed8 Make compile again using proper protoypes for
pcib_read/write_config DEVMETHOD.
2009-06-17 10:26:37 +00:00
Bjoern A. Zeeb
23678e67c0 Make compile again using the correct prototype for the
device shutdown method.
2009-06-17 10:23:25 +00:00
Alan Cox
2d59a004af Pass the size of the mapping to contigmapping() as a "vm_size_t" rather
than a "vm_pindex_t".  A "vm_size_t" is more convenient for it to use.
2009-06-17 07:11:38 +00:00
Ulf Lilleengen
7ca3f45cd2 - Allow a higher value for the number of heads. Its better to do this and allow
a few bad systems to run than to be completely strict about it.
2009-06-17 06:47:05 +00:00
Ulf Lilleengen
ea32a6995b - Back out the previous change in order to maintain compatibility. 2009-06-17 06:41:10 +00:00